aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/com/juick/service/security
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/com/juick/service/security')
-rw-r--r--src/main/java/com/juick/service/security/BearerTokenAuthenticationFilter.java3
-rw-r--r--src/main/java/com/juick/service/security/HTTPSignatureAuthenticationFilter.java1
-rw-r--r--src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java3
3 files changed, 4 insertions, 3 deletions
diff --git a/src/main/java/com/juick/service/security/BearerTokenAuthenticationFilter.java b/src/main/java/com/juick/service/security/BearerTokenAuthenticationFilter.java
index f4e73b12..e5fdd738 100644
--- a/src/main/java/com/juick/service/security/BearerTokenAuthenticationFilter.java
+++ b/src/main/java/com/juick/service/security/BearerTokenAuthenticationFilter.java
@@ -28,6 +28,7 @@ import jakarta.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import org.springframework.http.HttpHeaders;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
@@ -58,7 +59,7 @@ public class BearerTokenAuthenticationFilter extends BaseAuthenticationFilter {
var headers = Collections.list(request.getHeaderNames())
.stream()
.collect(Collectors.toMap(String::toLowerCase, request::getHeader));
- var authorizationHeaderValue = headers.get("authorization");
+ var authorizationHeaderValue = headers.get(HttpHeaders.AUTHORIZATION.toLowerCase());
if (StringUtils.isNotEmpty(authorizationHeaderValue) && authorizationHeaderValue.startsWith("Bearer")) {
String token = authorizationHeaderValue.substring(7);
try {
diff --git a/src/main/java/com/juick/service/security/HTTPSignatureAuthenticationFilter.java b/src/main/java/com/juick/service/security/HTTPSignatureAuthenticationFilter.java
index a851ef36..55c87383 100644
--- a/src/main/java/com/juick/service/security/HTTPSignatureAuthenticationFilter.java
+++ b/src/main/java/com/juick/service/security/HTTPSignatureAuthenticationFilter.java
@@ -25,7 +25,6 @@ import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
-import org.apache.commons.lang3.StringUtils;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
diff --git a/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java b/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java
index 06f5edf4..57a770fe 100644
--- a/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java
+++ b/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java
@@ -26,6 +26,7 @@ import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
+import org.springframework.http.HttpHeaders;
import org.springframework.lang.NonNull;
import org.springframework.lang.Nullable;
import org.springframework.security.authentication.RememberMeAuthenticationToken;
@@ -91,7 +92,7 @@ public class HashParamAuthenticationFilter extends BaseAuthenticationFilter {
}
private String hashFromAuthorizationHeader(HttpServletRequest request) {
- String authorizationHeader = request.getHeader("Authorization");
+ String authorizationHeader = request.getHeader(HttpHeaders.AUTHORIZATION);
if (StringUtils.isNotEmpty(authorizationHeader)) {
String[] parts = authorizationHeader.split(" ");
if ((parts.length == 2) && parts[0].equals("Juick")) {